body<=
" unless LJ::text_in(\%POST);
my $mode = $POST{mode} || 'getinfo';
my $remote = LJ::get_remote();
return "" if !$remote;
return ""
if $remote->{journaltype} ne 'P';
return ""
unless $remote->{statusvis} eq 'V';
if ($remote->underage) {
return BML::redirect("$LJ::SITEROOT/agecheck/?s=1");
}
# fix up the incoming data (is used in getinfo mode and submit mode so it's here)
$POST{membership} = 'open'
unless $POST{membership} =~ m/^(?:open|moderated|closed)$/;
$POST{postlevel} = 'members'
unless $POST{postlevel} =~ m/^(?:members|select)$/;
$POST{nonmember_posting} = '0'
unless $POST{nonmember_posting} =~ m/^[01]$/;
$POST{moderated} = '0'
unless $POST{moderated} =~ m/^[01]$/;
# MODE: submit - try to create an account. might change mode
# if there are errors, we'll populate $error and
# return to "getinfo" mode below
my $error;
SUBMIT:
while ($mode eq 'submit') # using while instead of if so we can 'last' out of it
{
return "$ML{'Error'}: $ML{'.error.postrequired'}" unless LJ::did_post();
my $user = LJ::canonical_username($POST{user});
my $title = $POST{title} || $user;
# reject this email?
return LJ::sysban_block(0, "Create user blocked based on email",
{ new_user => $user, email => $remote->{email}, name => $user })
if LJ::sysban_check('email', $remote->{email});
$error = "$ML{'error.usernamelong'}" if length($user) > 15;
$error = "$ML{'error.usernameinvalid'}" if $POST{user} && !$user;
$error = "$ML{'.error.username.mustenter'}" unless $POST{user};
my $u = LJ::load_user($user);
if(!LJ::check_priv($remote, 'create_protected_com')){
foreach my $re ("^system\$", @LJ::PROTECTED_USERNAMES) {
next unless $user =~ /$re/;
# you can give people sharedjournal priv ahead of time to create
# reserved communities:
next if LJ::check_priv($remote, "sharedjournal", $user);
$error = "$ML{'.error.username.reserved'}";
}
}
my $second_submit = 0;
if ($u) {
my $in_use = 1;
if ($u->{email} eq $remote->{email}) {
if (LJ::login_ip_banned($u)) {
# brute-force possible going on
} else {
if ($u->{password} eq $remote->{password}) {
# oh, they double-clicked the submit button
$second_submit = 1;
# if we found a comm and everything matches, they double hit. if
# we found a person/etc, then they tried to recreate their community,
# which isn't allowed anymore
$in_use = $u->{journaltype} eq 'C' ? 0 : 1;
} else {
LJ::handle_bad_login($u);
}
}
}
if ($in_use) {
$error = "$ML{'.error.username.inuse'}";
}
}
last SUBMIT if $error;
my $qclusterid = LJ::new_account_cluster() + 0;
die "Cluster 0 not supported" unless $qclusterid;
my $userid = ref $u ? $u->{userid} : 0;
unless ($second_submit) {
my $dbh = LJ::get_db_writer();
my $errorcounter = 0;
my $old_print_error = $dbh->{PrintError}; # save PrintError mode
$dbh->{PrintError} = 0; # will check for errors manually
while (1) {
my $ruserid = LJ::get_new_userid("P");
if (!$ruserid) {
return "";
}
$dbh->do("set insert_id = $ruserid");
$dbh->do(
"INSERT INTO user (user, email, status, caps, name, clusterid, dversion, journaltype) ".
"VALUES (?, ?, ?, ?, ?, ?, $LJ::MAX_DVERSION, 'C')",
undef, $user, $remote->{email}, $remote->{status}, int($LJ::NEWUSER_CAPS), $title, $qclusterid);
if ($dbh->err) {
# who wants to try forever
if ($errorcounter > 10) {
return "" . $dbh->errstr . " p?>";
}
$errorcounter++;
sleep 1; # let it breathe
next; # try again
}
else {
$userid = $dbh->{'mysql_insertid'}; # smells like success
$dbh->{PrintError} = $old_print_error; # restore error reporting
return 0 unless $userid; # but?
last; # finally
}
}
if ($LJ::LJR_FIF) {
use LJ::MemCache;
my $ljr_fif_id = LJ::get_userid($LJ::LJR_FIF);
if ($ljr_fif_id) {
$dbh->do("INSERT INTO friends (userid, friendid) VALUES (?, ?)", undef, $ljr_fif_id, $userid);
# refresh memcache
#my $memkey = [$ljr_fif_id, "friends:$ljr_fif_id"];
#LJ::MemCache::delete($memkey);
LJ::get_friends($ljr_fif_id, undef, undef, 'force', {} );
}
}
$dbh->do("REPLACE INTO useridmap (userid, user) VALUES (?, ?)", undef, $userid, $user);
$dbh->do("REPLACE INTO userusage (userid, timecreate) VALUES (?, NOW())", undef, $userid);
# set any properties that get set in new users
$u = LJ::load_userid($userid);
while (my ($name, $val) = each %LJ::USERPROP_INIT) {
LJ::set_userprop($u, $name, $val);
}
# since they're a community, let's do more setup
$dbh->do("REPLACE INTO community (userid, membership, postlevel) VALUES (?, ?, ?)",
undef, $userid, $POST{membership}, $POST{postlevel});
LJ::set_userprop($u, 'nonmember_posting', $POST{nonmember_posting} + 0);
LJ::set_userprop($u, 'moderated', $POST{moderated} + 0);
LJ::set_rel($userid, $remote->{userid}, 'M') if $POST{moderated}; # moderator if moderated
LJ::set_rel($userid, $remote->{userid}, 'A'); # maintainer
LJ::join_community($remote, $u, 0, 1); # make them a member of the community
LJ::run_hooks("post_create", {
'userid' => $userid,
'user' => $user,
});
}
my $nu = LJ::load_userid($userid, "force");
# log creation
$nu->log_event('account_create', { remote => $remote });
# local sites may want to override what happens at this point
my $ret;
my $redirect;
my $stop_output;
LJ::run_hooks("create.bml_postsession", {
post => \%POST,
u => $nu,
type => 'community',
redirect => \$redirect,
ret => \$ret,
stop_output => \$stop_output,
});
return BML::redirect($redirect) if $redirect;
return $ret if $stop_output;
$ret = "";
my $uri = LJ::journal_base($nu);
$ret .= "\n";
$ret .= "$uri/ standout?>\n";
$ret .= "\n";
$ret .= "\n";
return $ret;
}
if ($mode eq "getinfo" || $error)
{
my $ret;
if ($error) {
$ret .= "$ML{'.errors.label'}